[False positive] figment.trade flagged in Phantom — request review

[worldofhacks]

Summary

Phantom Wallet shows "A request is blocked. This dApp could be malicious." every time a user tries to connect to figment.trade, our production AI-trading platform. Following the documented appeal path (also emailing review@phantom.com).

Domain(s)

• Production: figment.trade + api.figment.trade + agent.figment.trade
• Staging: staging.figment.trade + stagingapi.figment.trade + stagingagent.figment.trade

Verification it is a false positive

• Checked phantom/blocklist master/blocklist.yaml — no entry for figment anywhere in the file
• Repo issues + discussions are disabled, so Blowfish/transaction-simulation heuristic is the most likely source

Project info

Figment is a live AI-powered trading platform (Hyperliquid perps, Polymarket prediction markets, Solana spot via Jupiter). Built by ACT-LABS-IO. Live since late 2025.

• Web: https://figment.trade
• Real users with Privy/Phantom wallets connect daily; new connects provision 1000 platform credits (verified production write today: user_credits row created 2026-04-17 20:22:14 UTC for wallet 8ukw6ZKgPCeBjcQ1DToUoUgJb6TEDcDeuhuryziEswNb).
• All transactions are user-initiated standard Solana signature requests (Jupiter swaps, no obfuscated programs, no airdrops, no proxy contracts, no closeAccount-style drains).
• Wallet provider: Privy embedded wallets + WalletConnect

Possible heuristic triggers

1. Several subdomains on the same root (api., agent., staging., stagingapi., stagingagent.)
2. Cloudflare-fronted (shared IP with many other dApps)
3. Newish .trade TLD
4. We provision per-agent embedded wallets server-side which then submit fanned-out transactions — this volume pattern could look bot-like to anomaly detectors

Asking for

• Removal from any Blowfish/Phantom block on figment.trade and subdomains
• Tell us which heuristic triggered, so we can adjust
• Direct line to your dApp review process for verification

Contact

• Project owner email: amilleralbany@gmail.com
• Filing parallel email to review@phantom.com
• Twitter follow-up via official figment account

Happy to provide additional verification, community vouches, or anything else needed. Thanks!